Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Rockwell Automation — Vulnerabilities & Security Advisories 259

Browse all 259 CVE security advisories affecting Rockwell Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rockwell Automation specializes in industrial automation and information integration, providing critical control systems for manufacturing and process industries. Its software portfolio, including FactoryTalk and PlantPAx, manages complex operational technology environments, making it a high-value target for threat actors seeking to disrupt industrial infrastructure. Historical vulnerability data reveals a prevalence of remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy components or insufficient input validation in web-based interfaces. Notable incidents include the 2018 discovery of backdoors in FactoryTalk View SE, which allowed unauthorized access to industrial control systems. These vulnerabilities highlight the persistent risk of insecure default configurations and unpatched legacy systems within industrial networks. The sheer volume of recorded CVEs underscores the complexity of securing interconnected OT/IT environments, where updates must balance operational continuity with rigorous security hygiene to prevent catastrophic physical or data breaches.

Found 11 results / 259Clear Filters
Top products by Rockwell Automation: Arena® Arena Simulation ArmorStart ST ArmorStart® LT FactoryTalk AssetCentre 1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules ThinManager ThinServer FactoryTalk View SE ThinManager® ThinServer™ ISaGRAF Runtime RSLinx Classic Pavilion8® ControlLogix® 5580 FactoryTalk® View SE Verve Asset Manager Arena® Simulation RSLinx Enterprise Software FactoryTalk Updater FactoryTalk View Machine Edition ThinManager PM1k 1408-BC3A-485 FactoryTalk® AssetCentre FactoryTalk System Services Comms - 1783-NATR FactoryTalk® DataMosaix™ Private Cloud ISaGRAF Workbench Connected Components Workbench CompactLogix 5380 controllers Micro820®, Micro850®, Micro870® FactoryTalk® Service Platform
CVE IDTitleCVSSSeverityPublished
CVE-2024-2929 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-119 7.8 High2024-03-26
CVE-2024-21920 Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow — Arena SimulationCWE-125 4.4 Medium2024-03-26
CVE-2024-21919 Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer — Arena SimulationCWE-824 7.8 High2024-03-26
CVE-2024-21918 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-416 7.8 High2024-03-26
CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-122 7.8 High2024-03-26
CVE-2024-21912 Rockwell Automation Arena Simulation vulnerable to out of bounds write — Arena SimulationCWE-787 7.8 High2024-03-26
CVE-2023-27858 Rockwell Automation Arena® Simulation Uninitialized Pointer Vulnerability — Arena SimulationCWE-824 7.8 High2023-10-27
CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability — Arena SimulationCWE-125 7.8 High2023-10-27
CVE-2023-29462 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability — Arena SimulationCWE-787 7.8 High2023-05-09
CVE-2023-29461 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability — Arena SimulationCWE-125 7.8 High2023-05-09
CVE-2023-29460 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability — Arena SimulationCWE-125 7.8 High2023-05-09

This page lists every published CVE security advisory associated with Rockwell Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.